package com.adms.util;

import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;

import com.adms.domain.User;


public class PasswordUtil {
	public static void main(String[] args) {
		User u = new User();
		u.setUsername("testschool");
		u.setPassword("123");
		encryptPassword(u);
		System.out.println(u.getPassword());
		System.out.println(u.getSalt());
	}

	private static RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator();
	private static String algorithmName = "md5";
	private static int hashIterations = 2;

	public static void encryptPassword(User user) {
		String salt = randomNumberGenerator.nextBytes().toHex();
		String newPassword = new SimpleHash(algorithmName, user.getPassword(), salt, hashIterations).toHex();
		user.setSalt(salt);
		user.setPassword(newPassword);
	}

	public static boolean checkPassword(String password, User user) {
		return user.getPassword().equals(new SimpleHash(algorithmName,password,user.getSalt(), hashIterations).toHex());
	}
}
